Implications of using insecure memory
Johan Wevers
johanw at vulcan.xs4all.nl
Tue Oct 5 04:28:44 CEST 2004
Atom 'Smasher' wrote:
>supplying a password to *any* application being run on a box that isn't
>under your direct administrative and physical control is a risk, and
>shouldn't be overlooked. however, it pales in comparison to using pgp/gpg
>on windows.
Well, I would feel more secure entering a password on my machine, which I
have under physical control, when it has booted windows than when I would
do it on a Linux machine who someone else controls. Of course, the fact that
it uses a NAT router and firewall to enter the internet that has standard
all ports from outside to inside closed helps. I have only set port 80
explicitly open, and since the windows 2000 or 98 don't run webservers
it won't be of much use for an attacker.
--
ir. J.C.A. Wevers // Physics and science fiction site:
johanw at vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
More information about the Gnupg-users
mailing list